EX vlan (trunk/access) tagging question - solved by defaulting switch

I have two 4200-24s. One of these is purely for testing, the other is production, but currently as a 'dumb switch.'

I'm new to Junos and have read several books such as O'Reilly's Enterprise Switching, as well as tech pubs in general.

On my test 4200, I am trying to configure ge-0/0/0 and /1 to be trunk ports, for connection to access points. These access points support 5 vlans (10, 20, 30, 40, and 50). For the purposes of this test, as well as to use some of the information I have found, there are also several access ports for vlan50 (MGMT). A port mirror runs on /23 for testing purposes.

Originally, APs connected to ge-0/0/15, /16 as access ports, could communicate to each other, but not the AP utilizing a trunk port on ge-0/0/1. This mysteriously changed upon power cycling the 4200.

Currently, the AP on ge-0/0/1 can communicate to the AP on ge-0/0/16. The AP on /15 is unreachable from other ports.

The AP on /1 cannot communicate with the AP on /10 either.

When setting port mirror options to vlan10 (PUBLIC), both the trunked AP on /1, as well as the AP on /10, can be seen arping for the destination.

When the mirror is set to the /1 port, only traffic originating from the AP on /1 is seen arping. Traffic sourced from the AP on /10 is not visible.

When the mirror is set to vlan50 (MGMT), the AP on /1 is visible both pinging the AP on /16 and arping for the AP on /15. The AP on /15 can be seen arping for the AP on /1.

When the mirror is set to the /1 port, both /1 and /15 are seen arping for each other.

Below is the switch configuration, minus unused ports that were snipped out to shorten the config.

Also, the rvi for each vlan is not pingable from APs. No ping is successful from the 4200 either.

I am at wit's end trying to figure out how to configure this. I haven't been able to get a trunk up between the two 4200s either, but I'll work that after getting this running.

Re: EX vlan (trunk/access) tagging question

May I ask if these are Cisco APs? The reason I ask is because I recently had a similar issue with a new implementation that involved some Cisco APs and an EX switch. Long story short, the APs were in HREAP mode and I had to explicitly define the Native VLAN ID to match the management VLAN in order for the APs to reach the Controller and locally switch clients via the other VLANs. I've pasted an example below. With regards to the RVI ping issue, I think you need "accept-data" command for the RVI to respond. Let me know how you make out.

With or without a native vlan, one access port works, while one doesn't, yet the AP configs are the same short of the ip address on each. Swapping the physical connections, the pingable AP moves. This would indicate a config error on the AP, yet copying the config from the working unit to a new unit, and changing the ip, does not correct the issue.